CWE-98: CWE-98

This vulnerability allows authenticated low-privileged users to upload restricted file types to IBM Maximo Asset Management by appending a dot to the ...

This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...

The Element Pack Elementor Addons plugin for WordPress has a vulnerability that allows authenticated attackers with contributor-level access or higher...

Nagios XI versions before 2024R1.1.4 contain an authenticated local file inclusion vulnerability in the NagVis integration. Authenticated users can ma...

This vulnerability allows attackers to include local files on the server through improper filename control in PHP include/require statements. It affec...

This CVE describes a Directory Traversal vulnerability in the Tikit (now Advanced) eMarketing platform that allows remote attackers to read arbitrary ...

This vulnerability in Xinhu Rainrock RockOA 2.7.0 allows attackers to access sensitive system information through the phpinfo() function by manipulati...

CVE-2024-58302 is a local file inclusion vulnerability in FoF Pretty Mail 1.1.2 that allows administrative users to include arbitrary server files in ...